Finding ID | Version | Rule ID | IA Controls | Severity |
---|---|---|---|---|
V-7000 | ZUSST050 | SV-7303r3_rule | Medium |
Description |
---|
TSS UNIQUSER control option will automatically assign a UID to any user who logs on to OMVS without an OMVS segment. Parameter settings in the TSS impact the security level of z/OS UNIX. In classified systems user access will not be determined by default. |
STIG | Date |
---|---|
z/OS TSS STIG | 2017-06-26 |
Check Text ( C-3701r2_chk ) |
---|
If the system in not classified this is not applicable. From a command line issue the following command: Note: One must have appropriate access to perform this command (have the site security officer to issue command). TSS MODIFY STATUS Examine the following options: UNIQUSER Alternately: Refer to the following report produced by the TSS Data Collection: - TSSCMDS.RPT(STATUS) - System Classification Automated Analysis requiring Additional Analysis: Refer to the following report produced by the TSS Data Collection: - PDI(ZUSST050) If system is classified and UNIQUSER is off i.e., (UNIQUSER(OFF) there is no finding. |
Fix Text (F-81943r1_fix) |
---|
Ensure that Use of the OMVS default UIDs will not be allowed on any classified system. Set Control Option UNIQUSER off. |